Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
File: 1K5pV43Ol3ozqindV8oZD6aHd_o.mft (raw, json)
Hash identifier: vvEbGIRSUHYysVN3PimfbDOo7iW3ucaka/37qzI4Qd8=
Subject key identifier: A0:06:47:19:4D:28:56:EF:6D:A6:41:2D:52:5C:F6:0F:8B:EC:43:E1
Authority key identifier: D4:AE:69:57:8D:CE:97:7A:33:AA:29:DD:57:CA:19:0F:A6:87:77:FA
Certificate issuer: /CN=d4ae69578dce977a33aa29dd57ca190fa68777fa
Certificate serial: 019E1E36131E973B850B8997D1471DBCE08B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
Manifest number: 0F7C
Signing time: Tue 12 May 2026 22:02:00 +0000
Manifest this update: Tue 12 May 2026 22:02:00 +0000
Manifest next update: Wed 13 May 2026 22:02:00 +0000
Files and hashes: 1: 1K5pV43Ol3ozqindV8oZD6aHd_o.crl (hash: WoJY4aPa1VPOZhPGdqh9STOouX2xklsawngHRWLpVg4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:36:13:1e:97:3b:85:0b:89:97:d1:47:1d:bc:e0:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ae69578dce977a33aa29dd57ca190fa68777fa
Validity
Not Before: May 12 22:02:00 2026 GMT
Not After : May 13 22:02:00 2026 GMT
Subject: CN=a00647194d2856ef6da6412d525cf60f8bec43e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f2:5a:de:06:13:bf:7a:6d:43:d6:04:11:c9:
3f:2c:5b:dc:f9:fe:14:f7:93:2f:cb:66:04:29:82:
04:c9:0a:d1:40:a5:3d:43:9c:14:f6:f0:3b:be:b9:
cf:ff:33:d0:42:3f:a8:a2:16:7b:c7:d7:89:94:cd:
e9:50:f4:68:ec:74:b0:75:f0:b8:16:a6:b7:a0:77:
68:00:0c:ff:42:30:49:2d:08:f0:48:ab:e9:f7:5a:
33:c3:d4:c8:71:cc:5c:2e:c2:cb:c3:c7:45:73:5d:
20:ff:cb:cb:28:df:cd:6c:ce:ba:2b:b1:d8:24:cf:
91:b6:53:7b:a1:58:39:ff:73:86:eb:6a:e9:56:a0:
6d:b3:69:f2:b5:db:a3:51:a7:7b:90:18:78:1c:2e:
ed:73:dc:5b:38:3e:45:03:ef:5d:ad:63:39:b9:6f:
e6:1e:7c:85:3f:80:91:b8:99:e3:00:f0:44:9e:df:
dc:9a:9f:4e:65:fe:05:2d:c2:0b:c2:df:99:a9:65:
d0:8f:04:50:9e:dd:46:ff:92:31:10:d5:fd:18:6c:
3f:ce:87:73:0b:fc:ef:88:b2:ac:f1:08:8f:e8:c2:
a3:e5:8f:83:73:b9:d5:5c:3d:2c:87:b0:f7:9c:f9:
1a:55:57:0e:3b:01:9d:7a:5a:fd:f0:de:d4:a0:3a:
bb:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:06:47:19:4D:28:56:EF:6D:A6:41:2D:52:5C:F6:0F:8B:EC:43:E1
X509v3 Authority Key Identifier:
keyid:D4:AE:69:57:8D:CE:97:7A:33:AA:29:DD:57:CA:19:0F:A6:87:77:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:c0:5b:70:3d:9c:f4:f2:ed:89:9c:31:a2:4f:2b:a3:3d:ee:
69:35:c0:85:e2:48:bc:b2:4e:51:24:c5:e9:62:83:80:e0:6b:
94:76:fa:dd:6f:62:03:b2:40:37:ae:1f:fa:a3:e9:59:ba:0a:
c3:7f:f7:22:8e:da:83:96:2b:a1:4d:3f:81:a3:54:7f:e8:ed:
d8:ac:b2:cb:bf:49:3e:ba:8e:5c:33:b2:9b:6b:d3:b9:6f:3b:
ab:5e:73:cc:f0:a4:87:41:7a:92:2b:bd:47:62:17:7a:fd:26:
9b:fa:73:4a:fc:cc:e4:5e:48:0a:39:00:da:02:4f:15:4e:0c:
00:8e:20:cc:a4:7a:df:10:c9:db:9b:ed:d0:64:de:a6:b6:8f:
d4:4d:a7:f5:15:72:ac:0a:7d:a7:13:8b:fb:36:88:29:ad:ed:
d6:41:ef:48:4e:a1:da:0b:83:37:ec:47:3c:46:e2:11:55:3c:
0d:b7:f8:fa:9a:af:9a:1a:6f:3d:f0:9a:97:a8:27:1d:0c:1e:
55:cc:a8:77:da:db:d9:cc:a2:c3:35:ff:2d:1e:8a:ed:49:fa:
55:93:0e:34:ad:60:50:fc:ae:15:4c:04:2f:32:ae:fe:cf:b1:
50:40:8a:7a:24:fa:84:0e:a0:c9:b7:d7:0c:1f:fc:0f:28:8d:
e7:25:ea:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4eNhMelzuFC4mX0UcdvOCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YWU2OTU3OGRjZTk3N2EzM2FhMjlkZDU3Y2ExOTBmYTY4
Nzc3ZmEwHhcNMjYwNTEyMjIwMjAwWhcNMjYwNTEzMjIwMjAwWjAzMTEwLwYDVQQD
EyhhMDA2NDcxOTRkMjg1NmVmNmRhNjQxMmQ1MjVjZjYwZjhiZWM0M2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPJa3gYTv3ptQ9YEEck/LFvc+f4U
95Mvy2YEKYIEyQrRQKU9Q5wU9vA7vrnP/zPQQj+oohZ7x9eJlM3pUPRo7HSwdfC4
Fqa3oHdoAAz/QjBJLQjwSKvp91ozw9TIccxcLsLLw8dFc10g/8vLKN/NbM66K7HY
JM+RtlN7oVg5/3OG62rpVqBts2nytdujUad7kBh4HC7tc9xbOD5FA+9drWM5uW/m
HnyFP4CRuJnjAPBEnt/cmp9OZf4FLcILwt+ZqWXQjwRQnt1G/5IxENX9GGw/zodz
C/zviLKs8QiP6MKj5Y+Dc7nVXD0sh7D3nPkaVVcOOwGdelr98N7UoDq7NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKAGRxlNKFbvbaZBLVJc9g+L7EPhMB8GA1UdIwQY
MBaAFNSuaVeNzpd6M6op3VfKGQ+mh3f6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iZDg5MDAtZWM5NS00NzViLTg5Yjct
YjRmMjk3N2QxOTZiLzEvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iZDg5MDAtZWM5NS00NzViLTg5YjctYjRmMjk3N2QxOTZi
LzEvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEMBbcD2c
9PLtiZwxok8roz3uaTXAheJIvLJOUSTF6WKDgOBrlHb63W9iA7JAN64f+qPpWboK
w3/3Io7ag5YroU0/gaNUf+jt2Kyyy79JPrqOXDOym2vTuW87q15zzPCkh0F6kiu9
R2IXev0mm/pzSvzM5F5ICjkA2gJPFU4MAI4gzKR63xDJ25vt0GTepraP1E2n9RVy
rAp9pxOL+zaIKa3t1kHvSE6h2guDN+xHPEbiEVU8Dbf4+pqvmhpvPfCal6gnHQwe
Vcyod9rb2cyiwzX/LR6K7Un6VZMONK1gUPyuFUwELzKu/s+xUECKeiT6hA6gybfX
DB/8DyiN5yXqoA==
-----END CERTIFICATE-----
Generated at Wed May 13 05:32:37 2026 by rpki-client